from flask_login import current_user

from controllers.errors.error import UnauthorizedAndForceLogout
from core.entities.account_role import AccountRole

from core.entities.account_role import AccountRole
from models.common import EndUser
from functools import wraps
from flask_babel import _

from services.role_service import RoleService

# def check_role(*, base_role: AccountRole|None = None,equer_role: AccountRole|None = None):
#     def decorator(view):
#         @wraps(view)
#         def decorated(
#             *args, **kwargs
#         ):  # 定义一个装饰函数，接收任意数量的位置参数和关键字参数
#             if current_user:  # 检查当前用户是否存在
#                 if isinstance(current_user, EndUser):  # 检查当前用户是否是EndUser类型
#                     raise UnauthorizedAndForceLogout(
#                         _("You are not authorized to access this resource.")
#                     )
#                 if current_user.current_role is None:
#                     raise UnauthorizedAndForceLogout(
#                         _("You are not authorized to access this resource.")
#                     )
#                 if base_role is not None and not AccountRole.is_privileged_to_role(
#                     current_user.current_role, base_role.value
#                 ):
#                     raise UnauthorizedAndForceLogout(
#                         _("You are not authorized to access this resource.")
#                     )
#                 if equer_role is not None and current_user.current_role != equer_role.value:
#                     raise UnauthorizedAndForceLogout(
#                         _("You are not authorized to access this resource.")
#                     )
                
#             else:
#                 raise UnauthorizedAndForceLogout(
#                         _("You are not authorized to access this resource.")
#                     )
#             return view(*args, **kwargs)
            
#         return decorated

#     return decorator


def check_perms(*, perms: list[str]):
    def decorator(view):
        @wraps(view)
        def decorated(
            *args, **kwargs
        ):  # 定义一个装饰函数，接收任意数量的位置参数和关键字参数
            if current_user:  # 检查当前用户是否存在
                if isinstance(current_user, EndUser):  # 检查当前用户是否是EndUser类型
                    raise UnauthorizedAndForceLogout(
                        _("You are not authorized to access this resource.")
                    )
                if not current_user.roles:
                    raise UnauthorizedAndForceLogout(
                        _("You are not authorized to access this resource.")
                    )
                if not RoleService.check_perms(current_user.current_tenant_id,current_user.roles, perms):
                    raise UnauthorizedAndForceLogout(
                        _("You are not authorized to access this resource.")
                    )
                
            else:
                raise UnauthorizedAndForceLogout(
                        _("You are not authorized to access this resource.")
                    )
            return view(*args, **kwargs)
            
        return decorated

    return decorator
